@Override public void enterApply_groups_except(Apply_groups_exceptContext ctx) { if (_inGroup) { _w.redFlag("Do not know how to handle apply-groups-except occcurring within group statement"); } _newConfigurationLines.remove(_currentSetLine); }
private <T, U extends T> T convProblem( Class<T> returnType, ParserRuleContext ctx, U defaultReturnValue) { _w.redFlag(convErrorMessage(returnType, ctx)); return defaultReturnValue; }
private <T, U extends T> T convProblem( Class<T> returnType, ParserRuleContext ctx, U defaultReturnValue) { _w.redFlag(convErrorMessage(returnType, ctx)); return defaultReturnValue; }
private <T, U extends T> T convProblem( Class<T> returnType, ParserRuleContext ctx, U defaultReturnValue) { _w.redFlag(convErrorMessage(returnType, ctx)); return defaultReturnValue; }
@Override public void exitSag_dynamic(Sag_dynamicContext ctx) { _w.redFlag("Dynamic address groups are not currently supported: " + getFullText(ctx)); }
@Override public void exitSa_fqdn(Sa_fqdnContext ctx) { _w.redFlag("FQDN in address objects is not currently supported: " + getFullText(ctx)); }
private void warnEmptyPrefixLists() { for (Entry<String, PrefixList> e : _masterLogicalSystem.getPrefixLists().entrySet()) { String name = e.getKey(); PrefixList prefixList = e.getValue(); if (!prefixList.getIpv6() && prefixList.getPrefixes().isEmpty()) { _w.redFlag("Empty prefix-list: '" + name + "'"); } } }
@Override public void enterSet_line_config_devices(Set_line_config_devicesContext ctx) { if (ctx.name != null) { String deviceName = ctx.name.getText(); _currentDeviceName = firstNonNull(_currentDeviceName, deviceName); if (!_currentDeviceName.equals(deviceName)) { /* Do not currently handle multiple device names, which presumably happens only if multiple * physical devices are configured from a single config */ _w.redFlag("Multiple devices encountered: " + deviceName); } } }
private @Nonnull String decryptIfNeededAndHash(@Nonnull String text, int line) { if (JuniperUtils.isJuniper9CipherText(text)) { return JuniperUtils.decryptAndHashJuniper9CipherText(text); } else { _w.redFlag(String.format("Unencrypted key stored at line: %d", line)); return saltAndHash(text); } }
@Override public void exitSrs_application(Srs_applicationContext ctx) { for (Variable_list_itemContext var : ctx.variable_list().variable_list_item()) { String name = getText(var); if (!name.equals(CATCHALL_APPLICATION_NAME)) { _w.redFlag("Unhandled application: " + name); } } }
@Override public void exitPopst_external(Popst_externalContext ctx) { int type = toInt(ctx.DEC()); if (type == 1) { _currentPsThens.add(new PsThenExternal(OspfMetricType.E1)); } else if (type == 2) { _currentPsThens.add(new PsThenExternal(OspfMetricType.E2)); } else { _w.redFlag(String.format("unimplemented: then %s", getFullText(ctx))); } }
@Override public void exitOn_range(On_rangeContext ctx) { _configuration .getNetworkObjects() .put( _currentNetworkObjectInfo.getName(), new RangeNetworkObject(Ip.parse(ctx.start.getText()), Ip.parse(ctx.end.getText()))); _w.redFlag("Network object 'range' is not supported for access lists: " + getFullText(ctx)); }
@Override public void exitPopsf_instance(Popsf_instanceContext ctx) { _w.redFlag( String.format( "unimplemented 'policy-options policy-statement term' from clause: %s", getFullText(ctx))); _currentPsTerm.getFroms().setFromUnsupported(new PsFromUnsupported()); }
@Override public void exitOn_fqdn(On_fqdnContext ctx) { _configuration .getNetworkObjects() .put(_currentNetworkObjectInfo.getName(), new FqdnNetworkObject()); _w.redFlag("Unknown how to resolve domain name to IP address: " + getFullText(ctx)); }
@Override public void exitPopsf_rib(Popsf_ribContext ctx) { _w.redFlag( String.format( "unimplemented 'policy-options policy-statement term' from clause: %s", getFullText(ctx))); _currentPsTerm.getFroms().setFromUnsupported(new PsFromUnsupported()); }
@Override public void exitCp_dh_group(Cp_dh_groupContext ctx) { if (_currentCrytoProfile.getType() == Type.GLOBAL_PROTECT_APP) { _w.redFlag("'dh-group' is illegal for global-proptect-app-crypto-profile"); return; } DiffieHellmanGroup dhGroup = toDiffieHellmanGroup(ctx); if (dhGroup != null) { _currentCrytoProfile.setDhGroup(dhGroup); } }
@Override public void exitCp_hash(Cp_hashContext ctx) { if (_currentCrytoProfile.getType() != Type.IKE) { _w.redFlag("'hash' is illegal for non-Ike crypto profiles"); return; } IkeHashingAlgorithm algo = toIkeHashingAlgorithm(ctx); if (algo != null) { _currentCrytoProfile.setHashAlgorithm(algo); } }
@Override public void exitCp_authentication(Cp_authenticationContext ctx) { if (_currentCrytoProfile.getType() == Type.IKE) { _w.redFlag("'authentication' is illegal for ike-crypto-profile"); return; } IpsecAuthenticationAlgorithm algo = toIpsecAuthenticationAlgorithm(ctx); if (algo != null) { _currentCrytoProfile.setAuthAlgorithm(algo); } }
@Override public void exitS_mtu(S_mtuContext ctx) { String ifaceName = ctx.iface.getText(); // Note: Interface alias is not canonicalized. Interface iface = getAsaInterfaceByAlias(ifaceName); if (iface == null) { // Should never get here with valid config, ASA prevents referencing a nonexistent iface here _w.redFlag(String.format("mtu refers to interface '%s' which does not exist", ifaceName)); return; } iface.setMtu(toInteger(ctx.bytes)); }
@Override public ConvertConfigurationAnswerElement loadConvertConfigurationAnswerElementOrReparse() { ConvertConfigurationAnswerElement ccae = new ConvertConfigurationAnswerElement(); Warnings warnings1 = new Warnings(true, true, true); warnings1.unimplemented("unimplemented1"); Warnings warnings2 = new Warnings(true, true, true); warnings2.redFlag("redflag2"); ccae.setWarnings(ImmutableSortedMap.of("node1", warnings1, "node2", warnings2)); return ccae; } }